14 matches found
EUVD-2025-17452
Malicious code in bioql PyPI...
EUVD-2025-17451
Malicious code in bioql PyPI...
The vulnerability of the Service Account Auditing service of the Windows Active Directory management and reporting software Zoho ManageEngine ADAudit Plus allows a perpetrator to execute arbitrary code.
The vulnerability of the Service Account Auditing service in the Windows Active Directory management and reporting software Zoho ManageEngine ADAudit Plus is related to the lack of security measures for the SQL query structure. Exploitation of this vulnerability could allow a malicious actor to...
CVE-2025-27709
Zohocorp ManageEngine ADAudit Plus versions 8510 and prior are vulnerable to authenticated SQL injection in the Service Account Auditing reports...
The vulnerability of the Service Account Auditing service of the Windows Active Directory management and reporting software Zoho ManageEngine ADAudit Plus allows a perpetrator to execute arbitrary code.
The vulnerability of the Service Account Auditing service in the Windows Active Directory management and reporting software Zoho ManageEngine ADAudit Plus is related to the lack of security measures for the SQL query structure. Exploitation of this vulnerability could allow a malicious actor to...
CVE-2025-36528
Zohocorp ManageEngine ADAudit Plus versions 8510 and prior are vulnerable to authenticated SQL injection in Service Account Auditing reports...
CVE-2025-36528
Zohocorp ManageEngine ADAudit Plus versions 8510 and prior are vulnerable to authenticated SQL injection in Service Account Auditing reports...
CVE-2025-27709
Zohocorp ManageEngine ADAudit Plus versions 8510 and prior are vulnerable to authenticated SQL injection in the Service Account Auditing reports...
CVE-2025-27709
Zohocorp ManageEngine ADAudit Plus versions 8510 and prior are vulnerable to authenticated SQL injection in the Service Account Auditing reports...
CVE-2025-36528 SQL Injection
Zohocorp ManageEngine ADAudit Plus versions 8510 and prior are vulnerable to authenticated SQL injection in Service Account Auditing reports...
CVE-2025-27709 SQL Injection
Zohocorp ManageEngine ADAudit Plus versions 8510 and prior are vulnerable to authenticated SQL injection in the Service Account Auditing reports...
CVE-2025-27709
Affected product: Zohocorp ManageEngine ADAudit Plus, versions 8510 and prior. Description: authenticated SQL injection in the Service Account Auditing reports (root cause per sources). Impact: CVSSv3.1 base score 8.3 (HIGH) with confidentiality and integrity impacts; exploitation details not pro...
CVE-2025-27709 SQL Injection
Zohocorp ManageEngine ADAudit Plus versions 8510 and prior are vulnerable to authenticated SQL injection in the Service Account Auditing reports...
PT-2025-24422 · Zohocorp · Zoho Manageengine Adaudit Plus
Name of the Vulnerable Software and Affected Versions: Zohocorp ManageEngine ADAudit Plus versions 8510 and prior Description: The issue is related to authenticated SQL injection in the Service Account Auditing reports. Recommendations: For versions 8510 and prior, update to a version later than...